Vulmon
security vulnerabilities and exploits
VMScore: 685
CVE-2007-1359
Interpretation conflict in ModSecurity (mod_security) 2.1.0 and previous versions allows remote malicious users to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ (0x00) byte, which mod_security treats as a terminator even though it is...
Mod Security Mod Security 1.7.4
Mod Security Mod Security 1.7.5
Mod Security Mod Security 1.7.1
Mod Security Mod Security 1.7.2
Mod Security Mod Security 1.9.4
Mod Security Mod Security 2.1
Mod Security Mod Security 1.7
1 EDB exploit
VMScore: 384
CVE-2014-4664
Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin prior to 5.1.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php.
Wordfence Security Project Wordfence Security 5.1.2
Wordfence Security Project Wordfence Security 5.1.1
Wordfence Security Project Wordfence Security 5.0.3
Wordfence Security Project Wordfence Security 5.0.2
Wordfence Security Project Wordfence Security 5.0.7
Wordfence Security Project Wordfence Security 5.0.6
Wordfence Security Project Wordfence Security 5.0.9
Wordfence Security Project Wordfence Security 5.0.8
Wordfence Security Project Wordfence Security 5.0.1
Wordfence Security Project Wordfence Security 5.0.5
Wordfence Security Project Wordfence Security 5.0.4
2 Github repositories
VMScore: 445
CVE-2013-0531
The SSL implementation in IBM Security AppScan Enterprise prior to 8.7.0.1 enables cipher suites with weak encryption algorithms, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network.
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 6.1.1.0
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 5.6.0.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.0.11
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan
Ibm Security Appscan 8.6.0.2
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.0.0.1
VMScore: 151
CVE-2013-2997
IBM Security AppScan Enterprise prior to 8.7 does not invalidate the session context upon a logout action, which allows remote malicious users to hijack sessions by leveraging an unattended workstation.
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 6.1.1.0
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 5.6.0.0
Ibm Security Appscan 8.0.11
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.0.0.0
VMScore: 668
CVE-2016-3102
The Script Security plugin prior to 1.18.1 in Jenkins might allow remote malicious users to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.
Jenkins Script Security 1.10
Jenkins Script Security 1.9
Jenkins Script Security 1.8
Jenkins Script Security 1.7
Jenkins Script Security 1.13
Jenkins Script Security 1.11
Jenkins Script Security 1.6
Jenkins Script Security 1.4
Jenkins Script Security 1.18
Jenkins Script Security 1.17
Jenkins Script Security 1.16
Jenkins Script Security 1.15
Jenkins Script Security 1.2
Jenkins Script Security 1.1
Jenkins Script Security 1.0
Jenkins Script Security 1.14
Jenkins Script Security 1.12
Jenkins Script Security 1.5
Jenkins Script Security 1.3
VMScore: 312
CVE-2013-5453
IBM Security AppScan Enterprise 5.6 up to and including 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 8.0.11
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 5.6.0.0
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 8.6.0.2
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 6.1.1.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.6.0.1
VMScore: 890
CVE-2007-5580
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 prior to 4.5.1.672, 5.0 prior to 5.0.0.225, 5.1 prior to 5.1.0.106, and 5.2 prior to 5.2.0.238 on Windows allows remote malicious users to execute arbitrary code via a crafted SMB packet in a TCP session on port (1...
Cisco Security Agent 4.0
Cisco Security Agent 4.0.1
Cisco Security Agent 4.5.1.659
Cisco Security Agent 5.0
Cisco Security Agent 4.0.3.728
Cisco Security Agent 4.5
Cisco Security Agent 5.1
Cisco Security Agent 5.1.79
Cisco Security Agent 2.1
Cisco Security Agent 3
Cisco Security Agent 4.5.1
Cisco Security Agent 4.5.1.639
Cisco Security Agent 4.5.1.657
Cisco Security Agent 5.2
Cisco Security Agent 4.0.2
Cisco Security Agent 4.0.3
Cisco Security Agent 5.0.0.201
Cisco Security Agent 5.0.193
VMScore: 445
CVE-2014-6136
IBM Security AppScan Standard 8.x and 9.x prior to 9.0.1.1 FP1 supports unencrypted sessions, which allows remote malicious users to obtain sensitive information by sniffing the network.
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.0.0.3
Ibm Security Appscan 8.8.0.0
Ibm Security Appscan 9.0.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 9.0.0.1
Ibm Security Appscan 9.0.1.0
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 9.0.1.1
VMScore: 445
CVE-2006-4562
The proxy DNS service in Symantec Gateway Security (SGS) allows remote malicious users to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy D...
Symantec Gateway Security 5310 1.0
Symantec Gateway Security 5400 2.0.1
Symantec Gateway Security 5110
Symantec Gateway Security 5200 1.0
Symantec Gateway Security 360
Symantec Gateway Security 5300
Symantec Gateway Security 320
Symantec Gateway Security 360r
Symantec Gateway Security 1.0
Symantec Gateway Security 5400 2.0
Symantec Gateway Security 5000 Series 2.0.1
Symantec Gateway Security 5000 Series 3.0
Symantec Gateway Security 5200
Symantec Gateway Security 5300 1.0
Symantec Gateway Security 5110 1.0
VMScore: 516
CVE-2014-8918
IBM Security AppScan Standard 8.x and 9.x prior to 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.8.0.0
Ibm Security Appscan 9.0.0.0
Ibm Security Appscan 8.0.0.3
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 9.0.0.1
Ibm Security Appscan 9.0.1.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 9.0.1.1